xcodes icon indicating copy to clipboard operation
xcodes copied to clipboard
verified publisher icon XcodesOrg

xcodes + apple id login + 2FA

Open mlanders-spectra opened this issue 2 years ago • 6 comments

Hi,

steps/details that brought me here:

  1. ran into an issue in an iOS build pipeline where xcversion was not detecting the presence of xcode 15 even when it existed on the host system and read about migrating from xcversion to xcodes
  2. read through xcodes setup info + setup environment variables XCODES_USERNAME and XCODES_PASSWORD with apple id info
  3. install latest version of xcodes via brew on a github mac runner within a workflow
  4. run xcodes commands from within this workflow such as xcodes install 15
  5. ran into an infinitely repeating prompt from xcodes for 2FA regarding the apple ID within the workflow which can't be satisfied because this is an automated process vs a human on a terminal.

I am in the process of migrating from use of xcversion to xcodes within a github pipeline that requires specific versions of xcode to do iOS app builds. Documentation on the xcversion side says that tool is deprecated and that xcodes should now be used in its place. Great! Everything makes sense to me so far with the exception of 1 point- the requirement of inputting an apple id user / pass. Since it seems to be required for some unknown reason, I defined values for the XCODES_USERNAME and XCODES_PASSWORD environment variables which are documented by xcodes as a way to automate this portion. Downloading xcode shouldn't require an apple ID, but now I've noticed my pipeline breaks if xcodes/apple decides that I need to use 2FA during a particular login session. This whole 2fa aspect of xcodes seems to break my automated use case. Is there a way to enable a completely automated workflow with xcodes? Ideally there would be a way to disable use of an apple ID entirely within xcodes. This current workflow makes no sense for an automated use case because the 2FA will sometimes break my workflow. Am I missing something here? I feel like this question makes sense but if someone reading this notices I'm missing something obvious here please let me know.

Mike

mlanders-spectra avatar Nov 15 '23 20:11 mlanders-spectra

I have the same scenario, @mlanders-spectra did you found a way to skip the 2FA?

dogo avatar Jan 24 '24 14:01 dogo

I ran into the same problem lately. Has anyone found a solution yet?

gentges avatar Feb 06 '24 20:02 gentges

Did any one find solution for skipping the 2FA while logging? Is there an alternate way to get the 2FA code thru APIs or some token which would authenticate user and get the token?

mukhasir avatar Aug 22 '24 20:08 mukhasir

Bumping this in case anyone found a solution? I know that for uploading to testlifght one can use a APPLE_APPLICATION_SPECIFIC_PASSWORD to bypass the 2FA, this could probably apply here as well, but no idea how to actually implement it

christian-hess-94 avatar Dec 03 '24 17:12 christian-hess-94

Same here, even more so in the case of using Jenkins jobs.

cesarjorgemartinez avatar Dec 17 '24 14:12 cesarjorgemartinez

Apple provides a nice API for using AppStore Connect. In that api you can use a app specific password.

Xcodes and others do not get privilege. There is no official API for what we do. There's nothing I would love more then to support app specific password logins or support "Login with Apple" via official api's, but the developer website where the xcodes downloads are do not support that.

MattKiazyk avatar Dec 17 '24 14:12 MattKiazyk